<?php

namespace App\Http\Middleware;

use App\Setting;
use Closure;
use Illuminate\Http\Request;

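/**
 * Middleware that gates a route behind an HMAC-signed timestamp.
 *
 * The caller sends `timestamp` and `sign`; `sign` must equal
 * base64(hex(HMAC-SHA256(timestamp, app.sync_secret))).
 *
 * NOTE(review): the signature covers only the timestamp, not the method, path
 * or body, so one valid (timestamp, sign) pair is accepted for any request to
 * any route using this middleware until the freshness window closes. Binding
 * the request content and a single-use nonce into the MAC would need a
 * protocol change on the client side as well.
 *
 * NOTE(review): rejections are returned via response() with its default
 * status, so clients and log-based monitoring cannot tell a rejected call from
 * a successful one by status code. Confirm what the sync client expects before
 * switching to 401/403.
 */
class CheckSesame
{
    /**
     * Maximum accepted distance, in seconds, between the request timestamp
     * and server time, in either direction.
     */
    private const MAX_SKEW_SECONDS = 500;

    /**
     * Verify the timestamp freshness and HMAC signature of an incoming request.
     *
     * @param Request $request Request carrying the `timestamp` and `sign` inputs.
     * @param Closure $next    Next handler; invoked only when the signature verifies.
     * @return mixed The downstream response on success, otherwise a plain-text rejection.
     */
    public function handle(Request $request, Closure $next): mixed
    {
        $timestamp = $request->get('timestamp');
        $sign = $request->get('sign');

        // A missing, array-valued or non-numeric timestamp is rejected here;
        // previously it reached the subtraction below and could raise a
        // TypeError (HTTP 500) instead of a clean rejection.
        if (!is_numeric($timestamp)) {
            return response("签名时间过期!"); // "signature timestamp expired"
        }

        // Check the window in both directions. Testing only "too old" lets a
        // signature over a far-future timestamp stay valid until that time
        // arrives, which defeats the expiry.
        if (abs(time() - $timestamp) > self::MAX_SKEW_SECONDS) {
            return response("签名时间过期!"); // "signature timestamp expired"
        }

        // Fail closed when no shared secret is configured.
        if (!($secret = config('app.sync_secret'))) {
            return response("未启用!"); // "not enabled"
        }

        $expected = base64_encode(hash_hmac('sha256', (string) $timestamp, $secret));

        // hash_equals() compares in constant time so response timing does not
        // reveal how much of a guessed signature matched. It requires strings,
        // so a missing or array-valued `sign` is rejected before the call.
        if (is_string($sign) && hash_equals($expected, $sign)) {
            return $next($request);
        }

        return response("签名错误!"); // "signature mismatch"
    }
}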
